338de14e669110d317f0861578991590_NeikiAnalytics

Sharing

Copy URL Twitter E-mail

General

Target

338de14e669110d317f0861578991590_NeikiAnalytics
Size

430KB
MD5

338de14e669110d317f0861578991590
SHA1

1fd978634428b97c02cdfb287d9bef2610c204be
SHA256

753061e9642145397f9fc014b0328e1a224ae13e0409b9785b85b612664b7159
SHA512

8b828de2c79fe407fbc5c859f5c63ac1120eb28a1432d83a623c87d0e6c8678de4b29ee8e9fdca76de799d055b83ac1d6df8d40934b9abf62f235c415695a428
SSDEEP

6144:+NzFSdf29c1ueCDYh3J8mD2yyEwGWFZ9I0BgTrtbOklaxywxpy00ZkMzzNsiAyz1:+3S49caDE3ymReAFOkask2Jsifz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338de14e669110d317f0861578991590_NeikiAnalytics

Files

338de14e669110d317f0861578991590_NeikiAnalytics
.exe windows:4 windows x86 arch:x86

25ed92c542b79a6189a4a4cac7ef3be6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgA
FindTextA
ChooseColorW
ChooseColorA
GetOpenFileNameA
ChooseFontA
GetFileTitleA
FindTextW
PrintDlgA
ReplaceTextW
ChooseFontW
GetFileTitleW
GetSaveFileNameW
LoadAlterBitmap
PrintDlgW

user32

GetWindowModuleFileNameA
AdjustWindowRect
GetClientRect

advapi32

CryptAcquireContextA
CreateServiceW
CryptEnumProvidersA
CryptDuplicateHash
RegSetKeySecurity

shell32

ShellExecuteA
SHGetSpecialFolderPathA
DragQueryFileA
SHGetSpecialFolderPathW
SheGetDirA
ExtractIconExW
SHGetFileInfoW
ShellAboutA
InternalExtractIconListA
ExtractAssociatedIconExA
SHChangeNotify
SHGetMalloc

kernel32

SetHandleCount
LoadLibraryA
WaitCommEvent
GetCurrentThread
GetSystemTimeAsFileTime
TryEnterCriticalSection
GetTimeZoneInformation
GetTickCount
GetPrivateProfileSectionW
FreeEnvironmentStringsA
OpenMutexW
GetModuleFileNameA
GetProcAddress
CompareStringW
GetStartupInfoA
GetStdHandle
GetLastError
WaitForMultipleObjects
GetUserDefaultLCID
HeapDestroy
VirtualAlloc
GetFileAttributesA
HeapReAlloc
GetLocaleInfoA
GetStringTypeW
GetVersionExA
HeapCreate
SetLastError
IsValidLocale
WriteFile
GetStringTypeA
LeaveCriticalSection
IsValidCodePage
GetEnvironmentStrings
ExitProcess
GetFileType
MultiByteToWideChar
GetSystemDirectoryW
TlsAlloc
UnhandledExceptionFilter
TlsGetValue
VirtualProtect
SetEnvironmentVariableA
VirtualFree
WideCharToMultiByte
TlsFree
GetSystemInfo
GetOEMCP
GetTimeFormatA
GetCurrentThreadId
IsBadWritePtr
EnumResourceNamesA
GetThreadTimes
HeapSize
RtlUnwind
FreeEnvironmentStringsW
GetTimeFormatW
LCMapStringW
LoadLibraryW
GetCPInfo
SetLocaleInfoW
SetConsoleCursorInfo
TlsSetValue
GetCurrentProcessId
GetCurrentProcess
GetACP
InitializeCriticalSection
QueryPerformanceCounter
HeapFree
GetEnvironmentStringsW
GetCommandLineA
GetDateFormatA
CompareStringA
LCMapStringA
InterlockedExchange
DeleteCriticalSection
SetLocaleInfoA
GlobalFindAtomW
TerminateProcess
EnterCriticalSection
EnumSystemLocalesA
HeapAlloc
GetModuleHandleA
GetPrivateProfileStringW
VirtualQuery
GetLocaleInfoW

Sections

.text
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25ed92c542b79a6189a4a4cac7ef3be6

Headers

File Characteristics

Imports

comdlg32

user32

advapi32

shell32

kernel32

Sections

.text Size: 115KB - Virtual size: 115KB

.data Size: 307KB - Virtual size: 307KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 115KB - Virtual size: 115KB

.data
Size: 307KB - Virtual size: 307KB

.rsrc
Size: 6KB - Virtual size: 6KB